package com.ktkj.init.controller;

import com.ktkj.init.entity.UserInfo;
import io.swagger.annotations.Api;
import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.DisabledAccountException;
import org.apache.shiro.authc.ExcessiveAttemptsException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import springfox.documentation.annotations.ApiIgnore;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;

/**
 * 用户权限测试管理
 *
 * @author yanlixiong
 **/
@Api(tags = "用户权限测试管理")
@ApiIgnore
@Controller
@RequestMapping("/userPermissionTest")
public class UserPermissionTestController {

    @Resource
    private HttpServletRequest request;

    /**
     * 登录页面
     */
    @RequestMapping("/toLoginView")
    public String toLoginView() {
        return "login.html";
    }

    /**
     * 首页页面
     */
    @RequestMapping("/index")
    public String index() {
        //获取当前登录人
        UserInfo userInfo = (UserInfo) SecurityUtils.getSubject().getPrincipal();
        request.setAttribute("userInfo", userInfo);
        return "index.html";
    }

    /**
     * 登录操作
     */
    @RequestMapping("/login")
    public String login(String userName, String password) {
        //参数验证
        if (StringUtils.isBlank(userName) || StringUtils.isBlank(password)) {
            return "login.html";
        }
        //账号密码令牌
        AuthenticationToken token = new UsernamePasswordToken(userName, password);
        //获得当前用户到登录对象，现在状态为未认证
        Subject subject = SecurityUtils.getSubject();
        try {
            //将令牌传到shiro提供的login方法验证，需要自定义realm
            subject.login(token);

            //没有异常表示验证成功,进入首页
            return "redirect:/userPermissionTest/index";
        } catch (IncorrectCredentialsException ice) {
            request.setAttribute("message", "用户名或密码不正确！");
        } catch (UnknownAccountException uae) {
            request.setAttribute("message", "未知账户！");
        } catch (LockedAccountException lae) {
            request.setAttribute("message", "账户被锁定！");
        } catch (DisabledAccountException dae) {
            request.setAttribute("message", "账户被禁用！");
        } catch (ExcessiveAttemptsException eae) {
            request.setAttribute("message", "用户名或密码错误次数太多！");
        } catch (AuthenticationException ae) {
            request.setAttribute("message", "验证未通过！");
        } catch (Exception e) {
            request.setAttribute("message", "验证未通过！");
        }
        return "login.html";
    }

    /**
     * 登出操作
     */
    @RequestMapping("/logout")
    public String logout() {
        //登出清除缓存
        Subject subject = SecurityUtils.getSubject();
        subject.logout();
        return "redirect:/userPermissionTest/toLoginView";
    }


    /**
     * 查询用户
     */
    @RequiresPermissions("user:list")
    @RequestMapping("/searchUser")
    public String searchUser() {
        request.setAttribute("message", "查询用户");
        return "user.html";
    }

    /**
     * 新增用户
     */
    @RequiresPermissions("user:add")
    @RequestMapping("/addUser")
    public String addUser() {
        request.setAttribute("message", "新增用户");
        return "user.html";
    }

    /**
     * 修改用户
     */
    @RequiresPermissions("user:edit")
    @RequestMapping("/editUser")
    public String editUser() {
        request.setAttribute("message", "修改用户");
        return "user.html";
    }

    /**
     * 删除用户
     */
    @RequiresPermissions("user:delete")
    @RequestMapping("/deleteUser")
    public String deleteUser() {
        request.setAttribute("message", "删除用户");
        return "user.html";
    }

    /**
     * 用户统计（无权限）
     */
    @RequiresPermissions("user:summarize")
    @RequestMapping("/summarizeUser")
    public String summarizeUser() {
        request.setAttribute("message", "用户统计");
        return "user.html";
    }

    @RequestMapping("/unauthorized")
    public String unauthorized() {
        System.out.println("1");
        System.out.println("2");
        return "403.html";
    }
}
